001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.login.action;
016    
017    import com.liferay.portal.AddressCityException;
018    import com.liferay.portal.AddressStreetException;
019    import com.liferay.portal.AddressZipException;
020    import com.liferay.portal.CompanyMaxUsersException;
021    import com.liferay.portal.ContactFirstNameException;
022    import com.liferay.portal.ContactFullNameException;
023    import com.liferay.portal.ContactLastNameException;
024    import com.liferay.portal.DuplicateOpenIdException;
025    import com.liferay.portal.DuplicateUserEmailAddressException;
026    import com.liferay.portal.DuplicateUserScreenNameException;
027    import com.liferay.portal.EmailAddressException;
028    import com.liferay.portal.GroupFriendlyURLException;
029    import com.liferay.portal.NoSuchCountryException;
030    import com.liferay.portal.NoSuchLayoutException;
031    import com.liferay.portal.NoSuchListTypeException;
032    import com.liferay.portal.NoSuchOrganizationException;
033    import com.liferay.portal.NoSuchRegionException;
034    import com.liferay.portal.NoSuchUserException;
035    import com.liferay.portal.OrganizationParentException;
036    import com.liferay.portal.PhoneNumberException;
037    import com.liferay.portal.RequiredFieldException;
038    import com.liferay.portal.RequiredUserException;
039    import com.liferay.portal.ReservedUserEmailAddressException;
040    import com.liferay.portal.ReservedUserScreenNameException;
041    import com.liferay.portal.TermsOfUseException;
042    import com.liferay.portal.UserEmailAddressException;
043    import com.liferay.portal.UserIdException;
044    import com.liferay.portal.UserPasswordException;
045    import com.liferay.portal.UserScreenNameException;
046    import com.liferay.portal.UserSmsException;
047    import com.liferay.portal.WebsiteURLException;
048    import com.liferay.portal.kernel.captcha.CaptchaMaxChallengesException;
049    import com.liferay.portal.kernel.captcha.CaptchaTextException;
050    import com.liferay.portal.kernel.captcha.CaptchaUtil;
051    import com.liferay.portal.kernel.servlet.SessionErrors;
052    import com.liferay.portal.kernel.servlet.SessionMessages;
053    import com.liferay.portal.kernel.util.Constants;
054    import com.liferay.portal.kernel.util.ParamUtil;
055    import com.liferay.portal.kernel.util.Validator;
056    import com.liferay.portal.kernel.workflow.WorkflowConstants;
057    import com.liferay.portal.model.Company;
058    import com.liferay.portal.model.CompanyConstants;
059    import com.liferay.portal.model.Layout;
060    import com.liferay.portal.model.User;
061    import com.liferay.portal.security.auth.PrincipalException;
062    import com.liferay.portal.service.LayoutLocalServiceUtil;
063    import com.liferay.portal.service.ServiceContext;
064    import com.liferay.portal.service.ServiceContextFactory;
065    import com.liferay.portal.service.UserLocalServiceUtil;
066    import com.liferay.portal.service.UserServiceUtil;
067    import com.liferay.portal.struts.PortletAction;
068    import com.liferay.portal.theme.ThemeDisplay;
069    import com.liferay.portal.util.PortalUtil;
070    import com.liferay.portal.util.PropsValues;
071    import com.liferay.portal.util.WebKeys;
072    import com.liferay.portlet.login.util.LoginUtil;
073    
074    import javax.portlet.ActionRequest;
075    import javax.portlet.ActionResponse;
076    import javax.portlet.PortletConfig;
077    import javax.portlet.PortletURL;
078    import javax.portlet.RenderRequest;
079    import javax.portlet.RenderResponse;
080    
081    import javax.servlet.http.HttpServletRequest;
082    import javax.servlet.http.HttpServletResponse;
083    import javax.servlet.http.HttpSession;
084    
085    import org.apache.struts.action.ActionForm;
086    import org.apache.struts.action.ActionForward;
087    import org.apache.struts.action.ActionMapping;
088    
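/**
 * Struts portlet action behind the login portlet's "create account" form.
 *
 * <p>
 * The action is reachable by unauthenticated visitors, so every request
 * parameter read here is untrusted input. Registration is only served when the
 * company allows strangers (see {@link #processAction} and {@link #render}).
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Amos Fong
 * @author Daniel Sanz
 * @author Sergio González
 */
public class CreateAccountAction extends PortletAction {

	/**
	 * Dispatches on the {@code cmd} request parameter: {@code ADD} creates a
	 * user, {@code RESET} replaces an incomplete user and {@code UPDATE}
	 * completes an incomplete user. Any other value performs no account
	 * operation.
	 *
	 * <p>
	 * A fixed set of exceptions is turned into session errors for the form;
	 * everything else is rethrown. Afterwards, if a strangers URL is
	 * configured and resolves to a layout, the request is redirected there.
	 * </p>
	 *
	 * @throws PrincipalException if the company does not allow strangers to
	 *         create accounts
	 * @throws Exception for any failure that is not reported as a session
	 *         error
	 */
	@Override
	public void processAction(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		// Authorization gate: nothing below runs unless self-registration is
		// enabled for this company

		if (!company.isStrangers()) {
			throw new PrincipalException();
		}

		String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

		try {
			if (cmd.equals(Constants.ADD)) {
				if (PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT) {
					CaptchaUtil.check(actionRequest);
				}

				addUser(actionRequest, actionResponse);
			}
			else if (cmd.equals(Constants.RESET)) {

				// NOTE(review): the captcha check above guards only ADD.
				// RESET ends in addUser() and UPDATE in
				// updateIncompleteUser() without it. Confirm this is
				// intended, or apply the same check to these branches.

				resetUser(actionRequest, actionResponse);
			}
			else if (cmd.equals(Constants.UPDATE)) {
				updateIncompleteUser(actionRequest, actionResponse);
			}
		}
		catch (Exception e) {
			if (e instanceof DuplicateUserEmailAddressException ||
				e instanceof DuplicateUserScreenNameException) {

				handleDuplicateUser(actionRequest, themeDisplay, e);
			}
			else if (isReportableException(e)) {
				SessionErrors.add(actionRequest, e.getClass(), e);
			}
			else {
				throw e;
			}
		}

		if (Validator.isNull(PropsValues.COMPANY_SECURITY_STRANGERS_URL)) {
			return;
		}

		try {
			Layout layout = LayoutLocalServiceUtil.getFriendlyURLLayout(
				themeDisplay.getScopeGroupId(), false,
				PropsValues.COMPANY_SECURITY_STRANGERS_URL);

			String redirect = PortalUtil.getLayoutURL(layout, themeDisplay);

			sendRedirect(actionRequest, actionResponse, redirect);
		}
		catch (NoSuchLayoutException ignored) {

			// Deliberately best effort: when the configured strangers URL has
			// no matching layout in the scope group, no redirect is sent

		}
	}

	/**
	 * Chooses the view to render. When the company does not allow strangers
	 * the login view is shown instead of the registration form; otherwise the
	 * title is set to the translated "create-account" key and the forward
	 * stored on the request (default {@code portlet.login.create_account}) is
	 * used.
	 */
	@Override
	public ActionForward render(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			RenderRequest renderRequest, RenderResponse renderResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		if (!company.isStrangers()) {
			return mapping.findForward("portlet.login.login");
		}

		renderResponse.setTitle(themeDisplay.translate("create-account"));

		return mapping.findForward(
			getForward(renderRequest, "portlet.login.create_account"));
	}

	/**
	 * Creates a user from the request parameters through
	 * {@code UserServiceUtil.addUserWithWorkflow} and then redirects.
	 *
	 * <p>
	 * Passwords are read from the request only when
	 * {@code LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} is set; otherwise the
	 * service is asked to generate one. When an OpenID login is pending in the
	 * session and an {@code openId} parameter is present, no email is
	 * requested and the new user ID is stored in the session in place of the
	 * session messages.
	 * </p>
	 */
	protected void addUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);
		HttpSession session = request.getSession();

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		boolean autoPassword = true;
		String password1 = null;
		String password2 = null;
		boolean autoScreenName = isAutoScreenName();
		String screenName = ParamUtil.getString(actionRequest, "screenName");
		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");
		long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
		String openId = ParamUtil.getString(actionRequest, "openId");
		String firstName = ParamUtil.getString(actionRequest, "firstName");
		String middleName = ParamUtil.getString(actionRequest, "middleName");
		String lastName = ParamUtil.getString(actionRequest, "lastName");
		int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
		int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
		boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
		int birthdayMonth = ParamUtil.getInteger(
			actionRequest, "birthdayMonth");
		int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
		int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
		String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");

		// Memberships and roles are fixed to null here rather than read from
		// the request, so the registration form cannot assign them

		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = true;

		ServiceContext serviceContext = ServiceContextFactory.getInstance(
			User.class.getName(), actionRequest);

		if (PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD) {
			autoPassword = false;

			password1 = ParamUtil.getString(actionRequest, "password1");
			password2 = ParamUtil.getString(actionRequest, "password2");
		}

		boolean openIdPending = false;

		// The pending flag comes from the server-side session, not from the
		// request; the request only supplies the openId value itself

		Boolean openIdLoginPending = (Boolean)session.getAttribute(
			WebKeys.OPEN_ID_LOGIN_PENDING);

		if ((openIdLoginPending != null) && openIdLoginPending.booleanValue() &&
			Validator.isNotNull(openId)) {

			sendEmail = false;
			openIdPending = true;
		}

		User user = UserServiceUtil.addUserWithWorkflow(
			company.getCompanyId(), autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
			suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
			groupIds, organizationIds, roleIds, userGroupIds, sendEmail,
			serviceContext);

		if (openIdPending) {

			// Long.valueOf replaces the deprecated boxing constructor

			session.setAttribute(
				WebKeys.OPEN_ID_LOGIN, Long.valueOf(user.getUserId()));

			session.removeAttribute(WebKeys.OPEN_ID_LOGIN_PENDING);
		}
		else {

			// Session messages

			addUserSessionMessages(request, user);
		}

		// Send redirect

		sendRedirect(
			actionRequest, actionResponse, themeDisplay,
			getLogin(company, user), user.getPasswordUnencrypted());
	}

	/**
	 * Returns whether screen names are generated automatically for accounts
	 * created by {@link #addUser}. This implementation returns
	 * <code>false</code>.
	 */
	protected boolean isAutoScreenName() {
		return _AUTO_SCREEN_NAME;
	}

	/**
	 * Returns <code>false</code>.
	 *
	 * <p>
	 * NOTE(review): presumably this switches off the base class's HTTP method
	 * check for {@link #processAction}, so account creation is not restricted
	 * to POST at this layer. Confirm against {@code PortletAction}.
	 * </p>
	 */
	@Override
	protected boolean isCheckMethodOnProcessAction() {
		return _CHECK_METHOD_ON_PROCESS_ACTION;
	}

	/**
	 * Deletes the user registered under the {@code emailAddress} request
	 * parameter and creates a new one from the same request. Only a user
	 * whose status is {@code STATUS_INCOMPLETE} may be replaced.
	 *
	 * <p>
	 * NOTE(review): the email address is caller supplied and this path
	 * performs no captcha check or proof that the caller owns the address; the
	 * status check is the only guard before the delete.
	 * </p>
	 *
	 * @throws PrincipalException if the matching user is not incomplete
	 */
	protected void resetUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");

		User anonymousUser = UserLocalServiceUtil.getUserByEmailAddress(
			themeDisplay.getCompanyId(), emailAddress);

		// Never delete an account that has left the incomplete state

		if (anonymousUser.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
			throw new PrincipalException();
		}

		UserLocalServiceUtil.deleteUser(anonymousUser.getUserId());

		addUser(actionRequest, actionResponse);
	}

	/**
	 * Redirects after a successful registration. When the request carries a
	 * {@code redirect} parameter, the new user is logged in and sent to that
	 * target; otherwise the user is sent to the login URL with the
	 * {@code login} parameter prefilled.
	 *
	 * @param login the identifier the user signs in with
	 * @param password the password handed to {@code LoginUtil.login}; it is
	 *        not added to the login URL
	 */
	protected void sendRedirect(
			ActionRequest actionRequest, ActionResponse actionResponse,
			ThemeDisplay themeDisplay, String login, String password)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);

		// The caller-supplied target is used only after escapeRedirect has
		// processed it. NOTE(review): presumably that call blanks targets
		// outside the allowed hosts; keep it on every path that redirects to
		// a request parameter.

		String redirect = PortalUtil.escapeRedirect(
			ParamUtil.getString(actionRequest, "redirect"));

		if (Validator.isNotNull(redirect)) {
			HttpServletResponse response = PortalUtil.getHttpServletResponse(
				actionResponse);

			LoginUtil.login(request, response, login, password, false, null);
		}
		else {
			PortletURL loginURL = LoginUtil.getLoginURL(
				request, themeDisplay.getPlid());

			loginURL.setParameter("login", login);

			redirect = loginURL.toString();
		}

		actionResponse.sendRedirect(redirect);
	}

	/**
	 * Completes an incomplete user from the request parameters through
	 * {@code UserServiceUtil.updateIncompleteUser}, records the outcome as
	 * session messages and redirects. The password is always generated by the
	 * service on this path; no password parameter is read.
	 */
	protected void updateIncompleteUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		boolean autoPassword = true;
		String password1 = null;
		String password2 = null;
		boolean autoScreenName = false;
		String screenName = ParamUtil.getString(actionRequest, "screenName");
		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");
		long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
		String openId = ParamUtil.getString(actionRequest, "openId");
		String firstName = ParamUtil.getString(actionRequest, "firstName");
		String middleName = ParamUtil.getString(actionRequest, "middleName");
		String lastName = ParamUtil.getString(actionRequest, "lastName");
		int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
		int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
		boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
		int birthdayMonth = ParamUtil.getInteger(
			actionRequest, "birthdayMonth");
		int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
		int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
		String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");
		boolean updateUserInformation = true;
		boolean sendEmail = true;

		ServiceContext serviceContext = ServiceContextFactory.getInstance(
			User.class.getName(), actionRequest);

		User user = UserServiceUtil.updateIncompleteUser(
			themeDisplay.getCompanyId(), autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
			suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
			sendEmail, updateUserInformation, serviceContext);

		// Session messages

		addUserSessionMessages(request, user);

		// Send redirect

		sendRedirect(
			actionRequest, actionResponse, themeDisplay,
			getLogin(themeDisplay.getCompany(), user),
			user.getPasswordUnencrypted());
	}

	/**
	 * Records the outcome of a registration as session messages: an approved
	 * user gets "userAdded" and "userAddedPassword", any other status gets
	 * "userPending".
	 */
	private void addUserSessionMessages(
		HttpServletRequest request, User user) {

		if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
			SessionMessages.add(request, "userAdded", user.getEmailAddress());

			// NOTE(review): the value of getPasswordUnencrypted() is handed
			// to the session messages here. Whatever renders
			// "userAddedPassword" should show it once and keep it out of
			// logs and cached pages.

			SessionMessages.add(
				request, "userAddedPassword", user.getPasswordUnencrypted());
		}
		else {
			SessionMessages.add(request, "userPending", user.getEmailAddress());
		}
	}

	/**
	 * Returns the identifier the user signs in with under the company's
	 * authentication type: the user ID, the screen name, or otherwise the
	 * email address.
	 */
	private String getLogin(Company company, User user) {
		String authType = company.getAuthType();

		if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
			return String.valueOf(user.getUserId());
		}

		if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
			return user.getScreenName();
		}

		return user.getEmailAddress();
	}

	/**
	 * Handles a duplicate email address or screen name. If the submitted email
	 * address belongs to a user that is still incomplete, the request is
	 * forwarded to the update account view; otherwise, or when no user has
	 * that address, the original exception is recorded as a session error.
	 *
	 * <p>
	 * NOTE(review): the two outcomes are distinguishable to the caller, which
	 * tells an unauthenticated visitor whether an address is already
	 * registered. Rate limiting or the captcha is the mitigating control.
	 * </p>
	 */
	private void handleDuplicateUser(
			ActionRequest actionRequest, ThemeDisplay themeDisplay,
			Exception e)
		throws Exception {

		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");

		try {
			User user = UserLocalServiceUtil.getUserByEmailAddress(
				themeDisplay.getCompanyId(), emailAddress);

			if (user.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
				SessionErrors.add(actionRequest, e.getClass(), e);
			}
			else {
				setForward(actionRequest, "portlet.login.update_account");
			}
		}
		catch (NoSuchUserException nsue) {

			// The duplicate was on the screen name only; report the original
			// exception

			SessionErrors.add(actionRequest, e.getClass(), e);
		}
	}

	/**
	 * Returns <code>true</code> for the exceptions that are shown to the
	 * visitor as a session error on the form instead of being rethrown.
	 */
	private boolean isReportableException(Exception e) {
		return e instanceof AddressCityException ||
			e instanceof AddressStreetException ||
			e instanceof AddressZipException ||
			e instanceof CaptchaMaxChallengesException ||
			e instanceof CaptchaTextException ||
			e instanceof CompanyMaxUsersException ||
			e instanceof ContactFirstNameException ||
			e instanceof ContactFullNameException ||
			e instanceof ContactLastNameException ||
			e instanceof DuplicateOpenIdException ||
			e instanceof EmailAddressException ||
			e instanceof GroupFriendlyURLException ||
			e instanceof NoSuchCountryException ||
			e instanceof NoSuchListTypeException ||
			e instanceof NoSuchOrganizationException ||
			e instanceof NoSuchRegionException ||
			e instanceof OrganizationParentException ||
			e instanceof PhoneNumberException ||
			e instanceof RequiredFieldException ||
			e instanceof RequiredUserException ||
			e instanceof ReservedUserEmailAddressException ||
			e instanceof ReservedUserScreenNameException ||
			e instanceof TermsOfUseException ||
			e instanceof UserEmailAddressException ||
			e instanceof UserIdException ||
			e instanceof UserPasswordException ||
			e instanceof UserScreenNameException ||
			e instanceof UserSmsException ||
			e instanceof WebsiteURLException;
	}

	private static final boolean _AUTO_SCREEN_NAME = false;

	private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;

}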